Verify that an Amazon EC2 instance is enabled for NitroTPM - Amazon Elastic Compute Cloud

Verify that an Amazon EC2 instance is enabled for NitroTPM

You can use one of the following methods to verify whether an Amazon EC2 instance is enabled for NitroTPM.

To verify whether an instance is enabled for NitroTPM

Use the describe-instances AWS CLI command and specify the instance ID. The Amazon EC2 console does not display the TpmSupport field.

aws ec2 describe-instances --instance-ids i-0123456789example

If NitroTPM support is enabled on the instance, "TpmSupport": "v2.0" appears in the output. For example:

    "Instances": {
        "InstanceId":"0123456789example",
        "InstanceType":"c5.large",
        ...
        "BootMode": "uefi",
        "TpmSupport": "v2.0"
        ...
    }

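
To run the same check across many instances, the following added example (not part of the original AWS documentation) parses saved describe-instances JSON output and lists the instances that do not report "TpmSupport": "v2.0". The sample response and its instance IDs are constructed, the function names are hypothetical, and an absent TpmSupport field is treated as NitroTPM not enabled, following the statement above.

```python
"""Audit `aws ec2 describe-instances --output json` output for NitroTPM.

Assumed workflow: aws ec2 describe-instances --output json | python3 tpm_audit.py
"""
import json
import sys

# Constructed sample in the CLI's response shape (Reservations -> Instances).
# Instance IDs and types are made up; two instances carry no TpmSupport key.
SAMPLE = json.loads("""
{"Reservations": [
  {"Instances": [
    {"InstanceId": "i-0123456789example", "InstanceType": "c5.large",
     "BootMode": "uefi", "TpmSupport": "v2.0"},
    {"InstanceId": "i-0aaaaaaaaaexample", "InstanceType": "c5.large",
     "BootMode": "uefi"}]},
  {"Instances": [
    {"InstanceId": "i-0bbbbbbbbbexample", "InstanceType": "t3.micro"}]}
]}
""")


def nitrotpm_status(response):
    """Map each instance ID to its TpmSupport value, or None if the field is absent."""
    status = {}
    for reservation in response.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            status[instance["InstanceId"]] = instance.get("TpmSupport")
    return status


def missing_nitrotpm(response, required="v2.0"):
    """Return sorted IDs of instances whose TpmSupport is not the required version."""
    return sorted(i for i, v in nitrotpm_status(response).items() if v != required)


if __name__ == "__main__":
    # Read real CLI output from a pipe; fall back to the sample when run interactively.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for instance_id, tpm in sorted(nitrotpm_status(data).items()):
        print(f"{instance_id}\tTpmSupport={tpm or 'absent'}")
    # Non-zero exit lets a scheduled job or pipeline flag non-compliant instances.
    sys.exit(1 if missing_nitrotpm(data) else 0)
```
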
(Windows instances only) To verify whether the NitroTPM is accessible to Windows
  1. Connect to your EC2 Windows instance.

  2. On the instance, run the tpm.msc program.

    The TPM Management on Local Computer window opens.

  3. Check the TPM Manufacturer Information field. It contains the manufacturer's name and the version of the NitroTPM on the instance.

    (Screenshot: the TPM Management on Local Computer window, with the TPM Manufacturer Information field showing the version of the NitroTPM on the instance.)